DB: Oracle Emanagement Overflow
This signature detects attempts to exploit a known vulnerability in the Oracle Emanagement application. Attackers can send malicious HTTP requests designed to trigger a buffer overflow. A successful attack can lead to arbitrary remote code execution within the context of the Oracle application.
Extended Description
Oracle Application Server 10g is prone to a buffer overflow. Successful exploitation could allow arbitrary code execution with SYSTEM privileges. This vulnerability was originally described in Oracle October Security Update Multiple Vulnerabilities (BID 15134). Due to the availability of additional information, it has been assigned its own record.
Affected Products
Oracle application_server_10g
References
BugTraq: 15146
CVE: CVE-2005-3460
URL: http://www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html http://www.securityfocus.com/archive/1/413957
Short Name
DB:ORACLE:EMANAGEMENT-BOF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2005-3460 Emanagement Oracle Overflow bid:15146
Release Date
03/06/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
False Positive
Unknown
Vendors
Oracle
CVSS Score
10.0